<?php
session_start();
require "../util/DBUtil.php";
/**
 *支付验证
 */

if (!isset($_SESSION['login_user'])){
    echo "<script>alert('请先登录');</script>";
    return;
}

/*判断支付密码是否输入正确*/
$userID = unserialize($_SESSION['login_user'])['id'];
$payPwd0 = $_POST['password0'];
$payPwd1 = $_POST['password1'];
$payPwd2 = $_POST['password2'];
$payPwd3 = $_POST['password3'];
$payPwd = $payPwd0.$payPwd1.$payPwd2.$payPwd3;
//print_r($payPwd);
//echo $userID;
$db = new DBUtil();
$sql = "select * from tb_user where id=".$userID." and payPassword = ".$payPwd;
$result = $db->query($sql);
if (count($result)<=0){
    echo "<script>alert('支付密码错误！请重新支付');history.back();</script>";
}else{
    $bookNos = $_POST['bookNos'];
    $bookNos_arr = explode(",",$bookNos);
    $sql = "update item set pay=1 where id=? and userID=? ";
   foreach ($bookNos_arr as $bookNo){
       $pram = array($bookNo,$userID);
       $db->update($sql,$pram);
   }
    echo "<script>alert('支付成功');history.back();</script>";
}


